14 Apr 2022
Producers’ Cybersecurity Checklist: 20 Ways to Operate Safely Online
By Rafael Pelaez, Chief Information Security Officer, Pan-American Life Insurance Group
Estimated read time: 4 minutes
As you know, cybersecurity is a top priority at PALIG. We are continually enhancing our information security capabilities. In addition, we are committed to ensuring that all of our system users—including agents and brokers—remain current on cybersecurity best practices.
Because producers are the first to handle policyholders’ personal information, you play a crucial role in protecting it. Cybercriminals never stop developing new, more insidious methods of attack—and we must never let down our guard.
We ask you to commit to following PALIG’s cybersecurity best practices, including these 20 basic protocols.
Practice Smart Password Safety
- Passwords are the key to accessing most digital data, so always create long, strong, unique passwords. Use a mix of uppercase and lowercase letters, numbers, and special characters. (You can also use phrases or sentences if that’s easier.)
- Change your passwords regularly. Don’t wait for a prompt from a software provider; put it on your calendar and do it routinely. This makes it harder for hackers to keep up.
- Use a different password for each account. Otherwise, when a cyberthief gets hold of one of your passwords, he has open access to all of your accounts.
- Keep your passwords secure and confidential. Don’t share them or save them on browsers—it may save a few seconds, but it’s not worth the risk.
- Use multi-factor authentication whenever available. That way, even if your password is breached, your accounts can’t be accessed. It’s simple: when you attempt to log in, the account provider texts or emails you an additional code to input. It only takes a minute more to add this valuable layer of protection.
Maintain Your Devices’ Security
- Keep all your devices—PCs, laptops, smartphones, tablets—updated with the latest versions of software and apps. You’re not only protecting your own devices, but the security of everyone you connect with online.
- Enable automatic software updates. Or, as soon as you’re alerted that an update is available, download it. Beyond new features, software updates often add timely security patches, developed in response to newly-discovered vulnerabilities and threats.
- Install reputable antivirus and anti-malware software on your devices, and keep your subscriptions current. Such software can periodically scan your entire system, erasing or quarantining malicious codes and malware.
- Don’t use your work devices for anything other than work-related business. Do not allow others to use them. Use your personal devices for everything else: personal email, social media, online shopping, etc.
Guard against Phishing Scams
- As we’ve previously discussed, the frequency and sophistication of phishing emails have skyrocketed since the pandemic began. Study emails from unknown users closely. Look for typos and inconsistencies; hover over embedded links to reveal the true URL. Never click the links or open attachments from senders you don’t know.
- Be leery of unsolicited emails about current events, especially COVID-19.
- Watch for spear-phishing attempts aimed at your agency. Often, these emails try to create panic by claiming that your password has been stolen or your account has been breached.
- According to one recent cybersecurity survey, companies are experiencing an average of nearly 1,200 phishing attacks per month. Become an expert on this dangerous cyberthreat: read our companion blog, Avoiding Phishing Scams.
Secure Your Wireless Network
- Beyond your devices and passwords, safeguard your wireless network, too. Start by changing the default administrator password to your Internet router or wireless access point (whichever controls your wireless network). The admin account allows you to configure your network setting.
- Then, enable the security mechanism WPA2 and create a strong, unique passwords. This will require anyone attempting to connect to your network to enter the password. Once you’re connected, your activities are encrypted.
- If you’d like to offer guests safe access to your wireless network, see if it supports a Guest Network. If you add a Guest network, enable WPA2 and create a unique password.
- Remember, you don’t have access to your wireless network in public settings. When you’re out, use a virtual private network (VPN) to keep your activity protected. Avoid public computers, period.
Build Safe Online Habits
Finally, here’s a few remaining tips for operating safely online.
- Take care when typing in URLs. Often, hackers leverage common typos to create a fraudulent website that mirrors the original, defrauding oblivious users.
- Be mindful of what you post publicly. Pause before you click, and ask yourself if the information you’re sharing could harm you down the road.
- Stay coolheaded o Don’t give into curiosity and click mysterious links, or react rashly to potentially alarming news. Cybercriminals are masters at manipulating emotion. When we’re not thinking clearly, we’re more vulnerable to their tricks.
Cybersecurity Is Everyone’s Business
Without saying, your personal security is important. But it is also our collective responsibility to protect the valuable information we collect from policyholders.
Because you deal directly with clients, you serve on the frontlines of PALIG’s cybersecurity efforts. Your clients are trusting you—and us—with their most personal data. It’s up to all of us to live up to that trust—every single day.
About the author: Rafael Pelaez is PALIG’s Vice President and Chief Information Security Officer. In his role, he is responsible for leading our information security strategy to make way for innovative new efforts such as cloud integration and migration as well as establishing balance between security measures and business growth. Rafael has over 20 years of dedicated experience in cybersecurity. He served as a leader for E&Y’s Risk Management & Cyber Security practice. Prior to his tenure at E&Y, he held notable leadership roles at Pfizer, Accenture, Carrefour Group and Schneider Electric.